Rafael Lustosa Granha - Information Security Specialist

job@rafaelgranha.com / +55(21)8257-7777
Rio de Janeiro, Brazil

  •  Summary 

Ten years of direct experience in Information Security. Has worked at small, medium and large companies (Bank, Energy, Government and Technology). My role at IBM Internet Security Systems (ISS) as Security Engineer consists of consultancy to deliver critical security projects. Has also worked as Information Security Specialist for Petrobras for almost 6 years. At Petrobras I've acquired deep understanding and experience about the security issues that business operation of energy/petroleum commerce, banking, industries and IT general clients. I have experience with the development of security policies; design and delivery of the network security infrastructure and related architectures. Incident Handling, Intrusion Analysis/Prevention. I had goals in other jobs by securing financial system (Brazilian Payment System – PCI Related), Storage Systems, Clustering/High Availability for complex architectures, Network Tunings and related documentation.


  • Specialties and Tools

 Project Management, Relationship with Suppliers, Risk Analysis, Web Security, Forensic Analysis, Network Intrusion Detection/Prevention, Incident Handling, Design Network Security (using Visio), Perimeter Security, Penetration Tests, Industrial Network Security, ITIL, Cobit, Sarbanes Oxley. Certification: LPIC. Actually preparing for CISSP and PCI.

Unix (*BSD, SystemV rel. 4, AIX), Linux (RedHat, SuSE, Debian, Slackware, and so), Windows, Cisco Routers, Storages (DAS, NAS, SAN: NetApp, EMC and Hitachi), Checkpoint/Linux/BSD hi-ending firewalls & VPN’s, IBM MQSeries, any networking services with any operational systems like HTTP/HTTPS (Apache, IIS), Proxy, e-mail (postfix, sendmail, qmail, Microsoft Exchange, Lotus Notes), DNS, NTP, SNMP, SMTP, LDAP, POP, SSH/SCP, TELNET, FTP/TFTP, and so, NTLM, Kerberos, LDAP, IPSec, Radius authentications. Programming knowledge in PHP, ASP, Perl, Shellscript, C and HTML.


  •  Experience

IBM Brasil Ltda.       [industry, technology and services]     2008-Present     RJ/BRAZIL

Security Engineer

    Project Development, Management, Consultancy and Delivery of complex network security solutions;

    Pre-sales Support.    


Petrobras Distrubuidora S.A.     [government and energy]   2003-2008     RJ/BRAZIL
(CPM Braxis S.A.: 2003-2006; Stefanini IT Consulting S.A.: 2007-2008)

Senior Information Security Specialist

     Project management of Information Security policies and solutions using PMI concepts, ITIL and Sarbanes Oxley;
    Management of the network security infrastructure; provide consultancy for engineering and project management teams on design of security related architectures; incident handling, intrusion analysis/prevention. 

Some successful projects:

- Sarbanes-Oxley and ITIL for Information Security subjects; 
- Intrusion Prevention and Detection system at critical perimeters;
- Checkpoint and SonicWall: Firewall and VPN implementation and administration for ~400 servers, ~8000 users and gas stations;
- Virtual Private Network (VPN) for company's Gas Stations using SonicWall and Juniper technologies;
- Storage Project for Lotus Notes application servers, Windows and Novell file servers through
SAN and NAS snapshot technologies (NetApp);
- High Availability Checkpoint firewall clustering (HA).

BVA Bank S.A.                    [investment bank]                  2001-2002          RJ/BRAZIL

Network Support Analyst

    Brazilian Payment System (SPB) Project implementation using MQSeries, Java and some cryptography technologies through National Finance Network System (RSFN) including its contingencies to the Central Bank of Brazil (BACEN);

   General IT security and infra-structure projects.

Promon Technology; Promon*IP            [IT]                 2000-2001         RJ/BRAZIL

Information Security Specialist

    Deployment infrastructure for great companies like OGlobo journal and it’s web portal, Columbia Tristar Pictures nominated TOP3 iBest 2001, UBS Warbug Bank, ONU’s intranet, and so.  
    These projects increased company’s international sales about 109% in one year.


  •  Education

Rio de Janeiro City University - UniverCidade             2003-2008          RJ/BRAZIL

     Associate Degree in Computer Systems Analysis and Development


Linux Professional Institute                                          2004                VA/CANADA

   Linux Professional Institute Certified (LPIC)  

Linux Professional Institute Certified                           (LPI-C101)
Linux Professional Institute Certified Administrator       (LPI-C102)
                         (ID: LPI000031361).

CheckPoint Security      
                        (ID: CP0000038285).


  •  References



 Doc: Resume_RafaelGranha_English2008.doc
 Pdf:  Resume_RafaelGranha_English2008.pdf